/**
 * 
 */
package com.marcinklos.filipides.security;

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.web.filter.GenericFilterBean;

import com.google.appengine.api.users.User;
import com.google.appengine.api.users.UserServiceFactory;
import com.marcinklos.filipides.UserRole;

/**
 * @author quosoo
 *
 */
public class GAEAuthenticationFilter extends GenericFilterBean {
	private String registrationURL = "/register.html";
	private AuthenticationDetailsSource ads = new WebAuthenticationDetailsSource();
	private AuthenticationManager authenticationManager;
	private AuthenticationFailureHandler failureHandler = new SimpleUrlAuthenticationFailureHandler();
	/* (non-Javadoc)
	 * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
	 */
	@Override
	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain filterChain) throws IOException, ServletException {
		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
		if (authentication==null) {
			User googleUser = UserServiceFactory.getUserService().getCurrentUser();
			System.out.println("doFilter(): " + ((HttpServletRequest) request).getRequestURI() + "@" + googleUser);
			if (googleUser!=null) {
				PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(googleUser, null);
				token.setDetails(ads.buildDetails(request));
				
				try {
					authentication = authenticationManager.authenticate(token);
					SecurityContextHolder.getContext().setAuthentication(authentication);
					if (authentication.getAuthorities().contains(UserRole.ROLE_NEW_USER)) {
						((HttpServletResponse) response).sendRedirect(this.registrationURL);
					}
				} catch (AuthenticationException e) {
					failureHandler.onAuthenticationFailure((HttpServletRequest) request, (HttpServletResponse) response, e);
					return;
				}
			}
		}
		filterChain.doFilter(request, response);
	}
	/**
	 * @return the authenticationManager
	 */
	public AuthenticationManager getAuthenticationManager() {
		return authenticationManager;
	}
	/**
	 * @param authenticationManager the authenticationManager to set
	 */
	public void setAuthenticationManager(AuthenticationManager authenticationManager) {
		this.authenticationManager = authenticationManager;
	}
	/**
	 * @param registrationURL the registrationURL to set
	 */
	public void setRegistrationURL(String registrationURL) {
		this.registrationURL = registrationURL;
	}

}
